@sassoftware/sas-score-mcp-serverjs 0.4.1 → 1.0.1-0

package/scripts/optimize_final.py

@@ -0,0 +1,140 @@
+#!/usr/bin/env python3
+import re
+
+# Read and replace listJobs
+with open('src/toolSet/listJobs.js', 'r') as f:
+    content = f.read()
+
+# Find and replace listJobs description - find the full description block
+pattern = r'let description = `\n  ## list-jobs.*?  `;'
+replacement = r'''let description = `
+list-jobs — enumerate SAS Viya job assets.
+
+USE when: list jobs, show jobs, browse jobs, list available jobs, next page of jobs
+DO NOT USE for: find single job (use find-job), execute job (use run-job), run jobdef (use run-jobdef), sas code (use run-sas-program)
+
+PARAMETERS
+- limit: number (default: 10) — number of jobs per page
+- start: number (default: 1) — 1-based page offset
+- where: string (default: '') — optional filter expression
+
+ROUTING RULES
+- "list jobs" → { start: 1, limit: 10 }
+- "show me 25 jobs" → { start: 1, limit: 25 }
+- "list jobs limit 50" → { start: 1, limit: 50 }
+- "next jobs" (after prior page) → { start: previousStart + previousLimit, limit: previousLimit }
+
+EXAMPLES
+- "list jobs" → { start: 1, limit: 10 }
+- "list 25 jobs" → { start: 1, limit: 25 }
+- "next jobs" → { start: 11, limit: 10 }
+
+NEGATIVE EXAMPLES (do not route here)
+- "find job abc" (use find-job)
+- "run job abc" (use run-job)
+- "list models" (use list-models)
+
+PAGINATION
+If returned length === limit, hint: next start = start + limit. Empty result with start > 1 means paged past end.
+
+ERRORS
+Surface backend error directly; never fabricate job names.
+  `;'''
+
+if re.search(pattern, content, re.DOTALL):
+    content = re.sub(pattern, replacement, content, flags=re.DOTALL)
+    with open('src/toolSet/listJobs.js', 'w') as f:
+        f.write(content)
+    print("✓ Updated listJobs.js")
+else:
+    print("✗ Pattern not found in listJobs.js")
+
+# Read and replace listJobdefs  
+with open('src/toolSet/listJobdefs.js', 'r') as f:
+    content = f.read()
+
+pattern = r'let description = `\n  ## list-jobdefs.*?  `;'
+replacement = r'''let description = `
+list-jobdefs — enumerate SAS Viya job definitions (jobdefs) assets.
+
+USE when: list jobdefs, show jobdefs, browse jobdefs, list available jobdefs, next page
+DO NOT USE for: find single jobdef (use find-jobdef), execute jobdef (use run-jobdef), find job (use find-job), sas code (use run-sas-program)
+
+PARAMETERS
+- limit: number (default: 10) — number of jobdefs per page
+- start: number (default: 1) — 1-based page offset
+- where: string (default: '') — optional filter expression
+
+ROUTING RULES
+- "list jobdefs" → { start: 1, limit: 10 }
+- "show me 25 jobdefs" → { start: 1, limit: 25 }
+- "next jobdefs" → { start: previousStart + previousLimit, limit: previousLimit }
+
+EXAMPLES
+- "list jobdefs" → { start: 1, limit: 10 }
+- "list 25 jobdefs" → { start: 1, limit: 25 }
+- "next jobdefs" → { start: 11, limit: 10 }
+
+NEGATIVE EXAMPLES (do not route here)
+- "find jobdef abc" (use find-jobdef)
+- "list jobs" (use list-jobs)
+- "run jobdef abc" (use run-jobdef)
+
+PAGINATION
+If returned length === limit, hint: next start = start + limit.
+
+ERRORS
+Surface backend error directly; never fabricate jobdef names.
+  `;'''
+
+if re.search(pattern, content, re.DOTALL):
+    content = re.sub(pattern, replacement, content, flags=re.DOTALL)
+    with open('src/toolSet/listJobdefs.js', 'w') as f:
+        f.write(content)
+    print("✓ Updated listJobdefs.js")
+else:
+    print("✗ Pattern not found in listJobdefs.js")
+
+# Read and replace runCasProgram
+with open('src/toolSet/runCasProgram.js', 'r') as f:
+    content = f.read()
+
+pattern = r'let description = `\n## run-cas-program.*?Response\n`'
+replacement = r'''let description = `
+run-cas-program — execute a CAS program on SAS Viya server.
+
+USE when: run cas program, execute cas, submit cas, run cas code, cas action
+DO NOT USE for: macros (use run-macro), sas code (use run-sas-program), jobs (use run-job/find-job), jobdefs (use run-jobdef/find-jobdef), models (use find-model)
+
+PARAMETERS
+- src: string (required) — CAS program code to execute verbatim
+- scenario: string | object (optional) — input parameters. Accepts: "x=1, y=2" or {x:1, y:2}
+
+ROUTING RULES
+- "run cas program 'action echo / code=\"xyz\"'" → { src: "action echo / code=\"xyz\"" }
+- "submit cas action echo" → { src: "action echo" }
+- "cas program with param1=10" → { src: "...", scenario: {param1: 10} }
+
+EXAMPLES
+- "run cas program 'action echo / code=\"hello\"'" → { src: "action echo / code=\"hello\"" }
+- "execute cas action simple.summary" → { src: "action simple.summary" }
+
+NEGATIVE EXAMPLES (do not route here)
+- "run sas macro" (use run-macro)
+- "submit sas code" (use run-sas-program)
+- "run job X" (use run-job)
+
+NOTES
+Sends src verbatim without validation. For SAS macros use run-macro. For arbitrary SAS code use run-sas-program.
+
+RESPONSE
+Log output, listings, tables from CAS execution. Error if execution fails.
+`'''
+
+if re.search(pattern, content, re.DOTALL):
+    content = re.sub(pattern, replacement, content, flags=re.DOTALL)
+    with open('src/toolSet/runCasProgram.js', 'w') as f:
+        f.write(content)
+    print("✓ Updated runCasProgram.js")
+else:
+    print("✗ Pattern not found in runCasProgram.js")

package/scripts/optimize_tools.py

@@ -0,0 +1,99 @@
+#!/usr/bin/env python3
+import re
+
+# DevaScore optimization
+deva_old = '''    let description = `
+## deva-score — compute a numeric score based on two input values
+
+LLM Invocation Guidance (When to use)
+Use THIS tool when:
+- User wants to calculate the deva score: "Calculate deva score for 5 and 10"
+- User provides two numbers for scoring: "Score these values: 3 and 7"
+- User wants to compute a score in a series: "Calculate scores for [list of numbers]"
+
+Do NOT use this tool for:
+- Scoring models (use model-score)
+- Statistical calculations beyond deva scoring
+- Looking up data or metadata
+
+Purpose
+Compute a numeric deva score by applying the formula (a + b) * 42 to two input numbers. For scoring more than two numbers, call this tool multiple times using the previous result as the first input (left-to-right fold).
+
+Parameters
+- a (number, required): First numeric input value
+- b (number, required): Second numeric input value
+
+Response Contract
+Returns a numeric result: (a + b) * 42
+The result is always a number representing the computed deva score.
+
+Disambiguation & Clarification
+- If user provides more than two numbers without clear instructions: "Do you want to calculate the deva score by combining these numbers left-to-right?"
+- If user provides non-numeric input: "Please provide numeric values"
+
+Examples (→ mapped params)
+- "Calculate deva score for 5 and 10" → { a: 5, b: 10 } returns 630
+- "Score 1 and 2" → { a: 1, b: 2 } returns 126
+- For multiple numbers, chain calls: devaScore(1,2)→126, then devaScore(126,3)→5418
+
+Negative Examples (should NOT call deva-score)
+- "Score this customer with the credit model" (use model-score instead)
+- "Calculate the mean of these values" (use run-sas-program or sas-query instead)
+
+Related Tools
+- None directly related (this is a specialized scoring tool)
+
+Notes
+For sequences of numbers, use a left-to-right fold: call devaScore(first, second), then use that result as the first parameter for devaScore(result, third), and so on.
+`;'''
+
+deva_new = '''    let description = `
+deva-score — compute a numeric score based on two input values.
+
+USE when: calculate deva score, score these values, compute score for numbers
+DO NOT USE for: model scoring (use model-score), statistical calculations, data lookup
+
+PARAMETERS
+- a: number (required) — first input value
+- b: number (required) — second input value
+
+FORMULA: (a + b) * 42
+
+ROUTING RULES
+- "calculate deva score for 5 and 10" → { a: 5, b: 10 }
+- "score 1 and 2" → { a: 1, b: 2 }
+- "deva score a=3, b=7" → { a: 3, b: 7 }
+- Multiple numbers → chain calls left-to-right: call(first, second), then call(result, third)
+
+EXAMPLES
+- "Calculate deva score for 5 and 10" → { a: 5, b: 10 } returns 630
+- "Score 1 and 2" → { a: 1, b: 2 } returns 126
+- "Deva score 20 and 30" → { a: 20, b: 30 } returns 2100
+
+NEGATIVE EXAMPLES (do not route here)
+- "Score this customer with credit model" (use model-score)
+- "Calculate the mean of these values" (use run-sas-program or sas-query)
+- "Statistical analysis of numbers" (use sas-query)
+
+RESPONSE
+Returns { score: (a + b) * 42 }
+    `;'''
+
+files = {
+    'src/toolSet/devaScore.js': (deva_old, deva_new),
+}
+
+for filepath, (old, new) in files.items():
+    try:
+        with open(filepath, 'r', encoding='utf-8') as f:
+            content = f.read()
+        
+        if old in content:
+            content = content.replace(old, new)
+            with open(filepath, 'w', encoding='utf-8') as f:
+                f.write(content)
+            print(f"✓ Updated {filepath}")
+        else:
+            print(f"✗ Pattern not found in {filepath}")
+    except Exception as e:
+        print(f"✗ Error updating {filepath}: {e}")

package/scripts/setup-skills.js

@@ -0,0 +1,34 @@
+#!/usr/bin/env node
+import fs from 'fs';
+import path from 'path';
+import { fileURLToPath } from 'url';
+import os from 'os';
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+// Paths
+let client = (process.env.CLIENTNAME == null) ? '.github' : `.${process.env.CLIENTNAME.toLowerCase()}`;
+const source = path.join(__dirname, `../.skills`);
+//const destination = path.join(process.cwd(), client);
+ const destination = path.join(os.homedir(), client)
+console.error(`📁 Copying ${source} to ${destination}...`);
+function copyFolderSync(from, to) {
+    if (!fs.existsSync(from)) return;
+    if (!fs.existsSync(to)) fs.mkdirSync(to, { recursive: true });
+    console.error(`📁 Copying folder: ${from} to ${to}`);
+    fs.readdirSync(from).forEach(element => {
+        const fromPath = path.join(from, element);
+        const toPath = path.join(to, element);
+        if (fs.lstatSync(fromPath).isFile()) {
+            fs.copyFileSync(fromPath, toPath);
+        } else if (fs.lstatSync(fromPath).isDirectory()) {
+            copyFolderSync(fromPath, toPath);
+        }
+    });
+}
+
+try {
+    copyFolderSync(source, destination);
+    console.error(`✅ Success: ${destination} folder is now in your project root.`);
+} catch (err) {
+    console.error('❌ Error copying files:', err.message);
+}
+process.exit(0);

package/scripts/update_descriptions.py

@@ -0,0 +1,46 @@
+#!/usr/bin/env python3
+import re
+import os
+
+os.chdir('c:/dev/github/sas-score-mcp-serverjs')
+
+# Update runJob.js
+file_path = 'src/toolSet/runJob.js'
+with open(file_path, 'r', encoding='utf-8') as f:
+    content = f.read()
+
+new_desc = """run-job — execute a deployed SAS Viya job.
+
+USE when: run job, execute job, run with parameters
+DO NOT USE for: arbitrary SAS code (use run-sas-program), macros (use run-macro), list/find jobs
+
+PARAMETERS
+- name: string — job name (required)
+- scenario: string | object — input parameters. Accepts: "x=1, y=2" or {x:1, y:2}
+
+ROUTING RULES
+- "run job xyz" → { name: "xyz" }
+- "run job xyz with param1=10, param2=val2" → { name: "xyz", scenario: {param1:10, param2:"val2"} }
+
+EXAMPLES
+- "run job xyz" → { name: "xyz" }
+- "run job monthly_etl with month=10, year=2025" → { name: "monthly_etl", scenario: {month:10, year:2025} }
+
+NEGATIVE EXAMPLES (do not route here)
+- "run SAS code" (use run-sas-program)
+- "run macro X" (use run-macro)
+- "list jobs" (use list-jobs)
+- "find job X" (use find-job)
+
+ERRORS
+Returns log output, listings, tables from job. Error if job not found."""
+
+# Use a more flexible pattern
+pattern = r'let description = `\n## run-job.*?`;\n'
+replacement = f'let description = `\n{new_desc}\n`;\n'
+updated = re.sub(pattern, replacement, content, flags=re.DOTALL)
+
+with open(file_path, 'w', encoding='utf-8') as f:
+    f.write(updated)
+
+print(f"✓ Updated {file_path}")

package/scripts/viyatls.sh

@@ -0,0 +1,3 @@
+kubectl cp $(kubectl get pod | grep "sas-consul-server-0" | awk -F" " '{print $1}'):security/ca.crt ./ca.crt
+kubectl cp $(kubectl get pod | grep "sas-consul-server-0" | awk -F" " '{print $1}'):security/tls.crt ./tls.crt
+kubectl cp $(kubectl get pod | grep "sas-consul-server-0" | awk -F" " '{print $1}'):security/tls.key ./tls.key

package/src/authpkce.js

@@ -0,0 +1,219 @@
+/**
+ * SAS Viya PKCE Authorization Flow
+ *
+ * Uses the Authorization Code flow with PKCE (RFC 7636).
+ * Starts a local HTTP server to capture the redirect callback.
+ *
+ * Usage:
+ *   node sas-viya-pkce-auth.js
+ *
+ * Prerequisites:
+ *   - A SAS Viya client registered with:
+ *       grant_types: authorization_code
+ *       redirect_uri: http://localhost:3000/callback
+ *       PKCE enabled (no client_secret required)
+ */
+
+import http from "http";
+import https from "https";
+import crypto from "crypto";
+import url from "url";
+
+    let VIYA_SERVER=process.env.VIYA_SERVER;
+    let PORT=8080;
+    let CLIENTID='pkcemcp';
+    // ── Configuration ────────────────────────────────────────────────────────────
+  
+    const CONFIG = {
+        authBaseUrl: `${VIYA_SERVER}/oauth/SASLogon`,
+        clientId: CLIENTID,       // <-- replace with your client ID
+        redirectUri: `http://localhost:${PORT}/callback`,
+        scopes: "openid profile",
+        localPort: PORT,
+    };
+
+    main().catch((err) => {
+      console.error("Unexpected error:", err);
+      process.exit(1);
+    });
+
+    // ─────────────────────────────────────────────────────────────────────────────
+
+    // Generate a cryptographically random code verifier (43–128 chars, base64url)
+    function generateCodeVerifier() {
+        return crypto.randomBytes(64).toString("base64url");
+    }
+
+    // Derive the code challenge: BASE64URL(SHA-256(verifier))
+    function generateCodeChallenge(verifier) {
+        return crypto.createHash("sha256").update(verifier).digest("base64url");
+    }
+
+    // Build the SASLogon authorization URL
+    function buildAuthUrl(codeChallenge, state) {
+        const params = new URLSearchParams({
+            response_type: "code",
+            client_id: CONFIG.clientId,
+            redirect_uri: CONFIG.redirectUri,
+            scope: CONFIG.scopes,
+            state,
+            code_challenge: codeChallenge,
+            code_challenge_method: "S256",
+        });
+        return `${CONFIG.authBaseUrl}/authorize?${params}`;
+    }
+
+    // Exchange the authorization code for tokens
+    function exchangeCodeForTokens(code, codeVerifier) {
+        return new Promise((resolve, reject) => {
+            const body = new URLSearchParams({
+                grant_type: "authorization_code",
+                client_id: CONFIG.clientId,
+                redirect_uri: CONFIG.redirectUri,
+                code,
+                code_verifier: codeVerifier,
+            }).toString();
+
+            const tokenUrl = new URL(`${CONFIG.authBaseUrl}/token`);
+
+            const options = {
+                hostname: tokenUrl.hostname,
+                port: tokenUrl.port || 443,
+                path: tokenUrl.pathname,
+                method: "POST",
+                headers: {
+                    "Content-Type": "application/x-www-form-urlencoded",
+                    "Content-Length": Buffer.byteLength(body),
+                },
+                // Remove the line below if your Viya instance has a valid TLS cert
+                rejectUnauthorized: false,
+            };
+
+            const req = https.request(options, (res) => {
+                let data = "";
+                res.on("data", (chunk) => (data += chunk));
+                res.on("end", () => {
+                    try {
+                        const parsed = JSON.parse(data);
+                        if (res.statusCode >= 400) {
+                            reject(new Error(`Token error (${res.statusCode}): ${data}`));
+                        } else {
+                            resolve(parsed);
+                        }
+                    } catch {
+                        reject(new Error(`Failed to parse token response: ${data}`));
+                    }
+                });
+            });
+
+            req.on("error", reject);
+            req.write(body);
+            req.end();
+        });
+    }
+
+    // Wait for the browser redirect and extract code + state
+    function waitForCallback(expectedState) {
+        return new Promise((resolve, reject) => {
+            const server = http.createServer((req, res) => {
+                const parsed = url.parse(req.url, true);
+
+                if (parsed.pathname !== "/callback") {
+                    res.writeHead(404);
+                    res.end("Not found");
+                    return;
+                }
+
+                const { code, state, error, error_description } = parsed.query;
+
+                res.writeHead(200, { "Content-Type": "text/html" });
+                res.end(`
+        <html><body>
+          <h2>${error ? "Authorization failed" : "Authorization successful!"}</h2>
+          <p>You may close this tab.</p>
+        </body></html>
+      `);
+
+                server.close();
+
+                if (error) {
+                    reject(new Error(`OAuth error: ${error} — ${error_description}`));
+                    return;
+                }
+                if (state !== expectedState) {
+                    reject(new Error("State mismatch — possible CSRF attack"));
+                    return;
+                }
+
+                resolve(code);
+            });
+
+            server.listen(CONFIG.localPort, () => {
+                console.error(`Listening on http://localhost:${CONFIG.localPort}/callback`);
+            });
+
+            server.on("error", reject);
+        });
+    }
+
+    // Main flow
+    async function main() {
+        const codeVerifier = generateCodeVerifier();
+        const codeChallenge = generateCodeChallenge(codeVerifier);
+        const state = crypto.randomBytes(16).toString("hex");
+
+        const authUrl = buildAuthUrl(codeChallenge, state);
+
+        console.error("\nOpen this URL in your browser to log in:\n");
+        console.error(authUrl);
+        console.error();
+
+        // Try to auto-open in the default browser (best-effort)
+        try {
+            const { exec } = require("child_process");
+            const cmd =
+                process.platform === "win32"
+                    ? `start "" "${authUrl}"`
+                    : process.platform === "darwin"
+                        ? `open "${authUrl}"`
+                        : `xdg-open "${authUrl}"`;
+            exec(cmd);
+        } catch {
+            // ignore — user can open manually
+        }
+
+        let code;
+        try {
+            code = await waitForCallback(state);
+        } catch (err) {
+            console.error("Callback error:", err.message);
+            return null;
+        }
+
+        console.error("Authorization code received. Exchanging for tokens...");
+
+        let tokens;
+        try {
+            tokens = await exchangeCodeForTokens(code, codeVerifier);
+        } catch (err) {
+            console.error("Token exchange error:", err.message);
+            return null;
+        }
+
+        console.error("\nTokens received:");
+        console.error("  access_token :", tokens.access_token?.slice(0, 40) + "...");
+        console.error("  token_type   :", tokens.token_type);
+        console.error("  expires_in   :", tokens.expires_in, "seconds");
+        if (tokens.refresh_token) {
+            console.error("  refresh_token:", tokens.refresh_token.slice(0, 20) + "...");
+        }
+        if (tokens.id_token) {
+            console.error("  id_token     :", tokens.id_token.slice(0, 40) + "...");
+        }
+
+        // tokens.access_token is ready to use as a Bearer token for Viya REST APIs
+        return tokens.access_token
+    }
+
+
+  

package/src/createMcpServer.js

@@ -15,7 +15,14 @@ import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import makeTools from "./toolSet/makeTools.js";
 import getLogonPayload from "./toolHelpers/getLogonPayload.js";
 
+function getServerBaseUrl(appContext) {
+  const protocol = appContext.HTTPS === "TRUE" ? "https" : "http";
+  const host = appContext.contexts?.APPHOST || "localhost";
+  return `${protocol}://${host}:${appContext.PORT}`;
+}
+
 async function createMcpServer(cache, _appContext) {
+  const serverBaseUrl = getServerBaseUrl(_appContext);
 
   let mcpServer = new McpServer(
     {
@@ -39,13 +46,12 @@ async function createMcpServer(cache, _appContext) {
     let currentId = cache.get('currentId');
     let _appContext = cache.get(currentId);
     let params;
-    // get Viya token 
 
     let errorStatus = cache.get('errorStatus');
     if (errorStatus) {
       return { isError: true, content: [{ type: 'text', text: errorStatus }] }
     };
-    if (_appContext.AUTHFLOW === 'code' && _appContext.contexts.oauthInfo == null) {
+    if (/*_appContext.AUTHFLOW === 'code'*/ _appContext.useHapi === true && _appContext.contexts.oauthInfo == null) {
       return { isError: true, content: [{ type: 'text', text: 'Please visit https://localhost:8080/mcpserver to connect to Viya. Then try again.' }] }
     }
     console.error("Getting logon payload for tool with session ID:", currentId);
@@ -64,6 +70,7 @@ async function createMcpServer(cache, _appContext) {
 
     // call the actual tool handler
     debugger;
+    console.error("Calling tool handler with enhanced params");
     let r = await builtin(params);
     return r;
   }
@@ -73,10 +80,14 @@ async function createMcpServer(cache, _appContext) {
   let toolNames = [];
   toolSet.forEach((tool, i) => {
     let toolName = _appContext.brand + '-' + tool.name;
-    // console.error(`\n[Note] Registering tool ${i + 1} : ${toolName}`);
+    //tool.inputSchema.additionalProperties = false; // disallow extra properties 
+    let config = {
+      description: tool.description,
+      inputSchema: tool.inputSchema
+    }
     let toolHandler = wrapf(cache, tool.handler);
-
-    mcpServer.tool(toolName, tool.description, tool.schema, toolHandler);
+  //  console.error(`[Note] Registering tool ${toolName} with config: ${JSON.stringify(config)}`);
+    let r = mcpServer.registerTool(toolName, config, toolHandler);
     toolNames.push(toolName);
   });
   console.error(`[Note] Registered ${toolSet.length} tools: ${toolNames}`);